Posted Content•

# Direct Exponent and Scalar Multiplication Classes of an MDS Matrix.

TL;DR: Ghulam Murtaza, Nassar Ikram as discussed by the authors presented an idea of direct exponent and direct square of a matrix and showed that direct exponent may not be an MDS matrix.

Abstract: Ghulam Murtaza, Nassar Ikram 1,2 National University of Sciences and Technology, Pakistan azarmurtaza@hotmail.com dr_nassar_ikram@yahoo.com Abstract. An MDS matrix is an important building block adopted by different algorithms that provides diffusion and therefore, has been an area of active research. In this paper, we present an idea of direct exponent and direct square of a matrix. We prove that direct square of an MDS matrix results in an MDS matrix whereas direct exponent may not be an MDS matrix. We also delineate direct exponent class and scalar multiplication class of an MDS matrix and determine the number of elements in these classes. In the end, we discuss the standing of design properties of a cryptographic primitive by replacing MDS matrix by dynamic one.

##### Citations

More filters

•

11 Dec 2017

TL;DR: In this article, the authors proposed a Dynamic Mix Column Transformation (DCT) based on the default MDS Matrix of AES and mbit additional key, where m is a variable length that does not exceed the product of 31.97 and one less the number of encryption rounds.

Abstract: MDS Matrix has an important role in the design of Rijndael Cipher and is the most expensive component of the cipher. It is also used as a perfect diffusion primitive in some other block ciphers. In this paper, we propose a replacement of Mix Column Transformation in AES by equivalent Dynamic Mix Column Transformation. A Dynamic Mix Column Transformation comprises dynamic MDS Matrices which are based on default MDS Matrix of AES and mbit additional key. Here m is a variable length that does not exceed the product of 31.97 and one less the number of encryption rounds. This mechanism increases a brute force attack complexity by m-bit to the original key and enforces the attackers to design new frameworks for different modern cryptanalytic techniques applicable to the cipher. We also present efficient implementation of this technique in Texas Instrument’s DSP C64x+ with no extra cost to default AES and in Xilinx Spartan3 FPGA with no change in AES throughput. We also briefly analyze the security achieved over it.

9 citations

••

TL;DR: Some new results on the preservation of many good cryptographic properties of MDS matrices under direct exponent transformation are presented and are shown to have important applications in constructing dynamic diffusion layers for block ciphers.

Abstract: Maximum Distance Separable (MDS) code has been studied for a long time in the coding theory and has been applied widely in cryptography. The methods for transforming an MDS into other ones have been proposed by many authors in the literature. These methods are called MDS matrix transformations in order to generate different MDS matrices (dynamic MDS matrices) from an existing one. In this paper, some new results on the preservation of many good cryptographic properties of MDS matrices under direct exponent transformation are presented. These good cryptographic properties include MDS, involutory, symmetric, recursive (exponent of a companion matrix), the number of 1's and distinct elements in a matrix, circulant and circulant-like . In addition, these results are shown to have important applications in constructing dynamic diffusion layers for block ciphers. The strength of the ciphers against developing cryptanalytic techniques can be enhanced by the dynamic MDS diffusion layers.

4 citations

•

17 Jun 2011

TL;DR: In this paper, the authors presented a method of linear transformation in substitution-permutation network symmetric-key block cipher (SPSC) for key-dependent MDS matrices.

Abstract: One embodiment of the present invention is a method of linear transformation in Substitution-Permutation Network symmetric-key block cipher producing n x n key-dependent MDS matrices from given n x n MDS matrix by scalar multiplication and permutations of elements of given matrix where multiplicative scalar and permutations are derived from binary inputs of length l . The method comprising deriving multiplicative scalar from binary input; multiplying given matrix with multiplicative scalar, producing first intermediate matrix; deriving first permutation of n objects from binary input; permuting rows of first intermediate matrix according to first permutation, producing second intermediate matrix; deriving second permutation of n objects from binary input; and permuting columns of second intermediate matrix according to second permutation to produce final MDS matrix. Another embodiment of the present invention is a method of linear transformation in Substitution-Permutation Network symmetric-key block cipher producing n x n key-dependent MDS matrices from given n x n MDS matrix by scalar multiplication and permutations of elements of given matrix where multiplicative scalar and permutations are derived from binary inputs of length l . The method comprising deriving multiplicative scalar from the key (202); multiplying given matrix with multiplicative scalar to produce first intermediate matrix (204); deriving first permutation of n objects from the key (206); permuting rows of first intermediate matrix according to first permutation to produce second intermediate matrix (208); deriving second permutation of n objects from the key (304); and permuting columns of second intermediate matrix according to second permutation (212) to produce final MDS matrix (214).

4 citations

••

01 Oct 2015

TL;DR: Some new results on direct exponent transformation are presented to show the k* number (cycle) that direct p exponent of the MDS matrix fork times results in the original M DS matrix, which has important applications in block ciphers.

Abstract: MDS code has been studied for a long time in the theory of error-correcting code and has been applied widely in cryptography. Some authors studied and proposed some methods for constructing MDS matrices which do not based on MDS code. Some MDS matrix transformations have been studied and direct exponent is such a transformation. In this paper we present some new results on direct exponent transformation to show the k* number (cycle) that direct p exponent of the MDS matrix fork times results in the original MDS matrix. In addition, the results are shown to have important applications in block ciphers.

3 citations

••

01 Jun 2017

TL;DR: The process of encryption and decryption by dynamic MDS matrices is proven to be calculated more quickly by salvaging the original M DS matrices.

Abstract: MDS (Maximum Distance Separable) matrices have an important role in the design of block ciphers and hash functions. The methods for transforming an MDS matrix into other ones to create dynamic MDS matrix for use have been proposed by many authors in the literature. In this paper, dynamic MDS matrices generated from direct exponent and scalar multiplication transformations are studied in the term of calculating effectively the outputs of the dynamic MDS matrices based on original MDS matrices when the inputs are known, as well as the calculating effectively the inputs of the dynamic MDS matrices based on original MDS matrices when the outputs are known. The process of encryption and decryption by dynamic MDS matrices is proven to be calculated more quickly by salvaging the original MDS matrices. In addition, a way for calculating quickly the direct exponent of MDS matrices based on a lookup table is presented.

2 citations

##### References

More filters

••

TL;DR: A theory of secrecy systems is developed on a theoretical level and is intended to complement the treatment found in standard works on cryptography.

Abstract: THE problems of cryptography and secrecy systems furnish an interesting application of communication theory.1 In this paper a theory of secrecy systems is developed. The approach is on a theoretical level and is intended to complement the treatment found in standard works on cryptography.2 There, a detailed study is made of the many standard types of codes and ciphers, and of the ways of breaking them. We will be more concerned with the general mathematical structure and properties of secrecy systems.

8,777 citations

•

14 Feb 2002

TL;DR: The underlying mathematics and the wide trail strategy as the basic design idea are explained in detail and the basics of differential and linear cryptanalysis are reworked.

Abstract: 1. The Advanced Encryption Standard Process.- 2. Preliminaries.- 3. Specification of Rijndael.- 4. Implementation Aspects.- 5. Design Philosophy.- 6. The Data Encryption Standard.- 7. Correlation Matrices.- 8. Difference Propagation.- 9. The Wide Trail Strategy.- 10. Cryptanalysis.- 11. Related Block Ciphers.- Appendices.- A. Propagation Analysis in Galois Fields.- A.1.1 Difference Propagation.- A.l.2 Correlation.- A. 1.4 Functions that are Linear over GF(2).- A.2.1 Difference Propagation.- A.2.2 Correlation.- A.2.4 Functions that are Linear over GF(2).- A.3.3 Dual Bases.- A.4.2 Relationship Between Trace Patterns and Selection Patterns.- A.4.4 Illustration.- A.5 Rijndael-GF.- B. Trail Clustering.- B.1 Transformations with Maximum Branch Number.- B.2 Bounds for Two Rounds.- B.2.1 Difference Propagation.- B.2.2 Correlation.- B.3 Bounds for Four Rounds.- B.4 Two Case Studies.- B.4.1 Differential Trails.- B.4.2 Linear Trails.- C. Substitution Tables.- C.1 SRD.- C.2 Other Tables.- C.2.1 xtime.- C.2.2 Round Constants.- D. Test Vectors.- D.1 KeyExpansion.- D.2 Rijndael(128,128).- D.3 Other Block Lengths and Key Lengths.- E. Reference Code.

3,444 citations

01 Jan 1998

TL;DR: The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory.

Abstract: Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2 chosen plaintexts and 2 effort.

403 citations

01 Jan 2003

TL;DR: Whirlpool, a 512-bit hash function operating on messages less than 2 bits in length, is presented, designed according to the Wide Trail strategy and permits a wide variety of implementation tradeoffs.

Abstract: We present Whirlpool, a 512-bit hash function operating on messages less than 2 bits in length. The function structure is designed according to the Wide Trail strategy and permits a wide variety of implementation tradeoffs. (Revised on May 24, 2003)

239 citations

•

23 Apr 1999

TL;DR: Twofish Design Goals, Performance of Twofish, Cryptanalysis of Tw ofish, and Conclusions and Further Work.

Abstract: Twofish Design Goals. Twofish Building Blocks. Twofish. Performance of Twofish. Twofish Design Philosophy. The Design of Twofish. Design of the Twofish Key Schedule. Cryptanalysis of Twofish. Using Twofish. Historical Remarks. Conclusions and Further Work. References. Index.

223 citations